Skip to main content
Sujets à suivre
Featured Insights
Voir tout
Voir tout
À propos de notre cabinet d’avocats
  • Accueil
  • Insights
  • US FDIC and OCC Issue Joint Notice of Proposed Rulemaking to Prohibit the Use of Reputation Risk by Regulators
octobre 13 2025

US FDIC and OCC Issue Joint Notice of Proposed Rulemaking to Prohibit the Use of Reputation Risk by Regulators

Auteurs:
Télécharger le PDF
Share

On October 7, 2025, the Federal Deposit Insurance Corporation (“FDIC”) and the Office of the Comptroller of the Currency (“OCC”) (together, the “Agencies”) issued a Notice of Proposed Rulemaking regarding Prohibition on Use of Reputation Risk by Regulators (the “Proposed Rule”). The Proposed Rule would codify the removal of reputation risk from the Agencies’ supervisory programs.

The Proposed Rule would prohibit the Agencies from using reputation risk to criticize, formally or informally, or take adverse action against a financial institution. It also would stop the Agencies from requiring, instructing, or encouraging a supervised institution to take certain actions, such as modifying a product or service, based on “the person’s or entity’s political, social, cultural, or religious views or beliefs, constitutionally protected speech, or solely on the basis of the third party’s involvement in politically disfavored but lawful business activities perceived to present reputation risk.”1

Comments on the Proposed Rule are due 60 days after publication in the Federal Register. Publication is likely to be delayed for some time because, during a government shutdown, the Federal Register may publish only documents directly related to the performance of governmental functions necessary to address imminent threats to the safety of human life or protection of property.

Background

As we detailed in our August Legal Update, in response to concerns regarding politicized and unlawful debanking, on August 7, President Donald Trump issued Executive Order 14331 entitled Guaranteeing Fair Banking for All Americans (the “Debanking Order”). Pursuant to the Debanking Order, federal banking regulators were directed to take specific steps to end politicized and unlawful debanking practices. In particular, federal banking regulators were given 180 days to remove from supervisory materials the use of reputation risk that could result in politicized or unlawful debanking and to consider changing parts of regulations that could result in politicized or unlawful debanking.

The Proposed Rule represents the Agencies undertaking measures to “respond to concerns expressed in Executive Order 14331 . . . .”2 As noted in the Proposed Rule, the Agencies already have removed3 reputation risk from each of their supervisory frameworks.4 The Proposed Rule would codify these changes in regulation.

Proposed Rule

The Proposed Rule discusses the belief that a regulator’s use of reputation risk increases subjectivity in banking supervision without adding material value from a safety and soundness perspective. While the Agencies recognize the importance of a bank’s reputation, the Proposed Rule notes that activities that could impact a bank’s reputation can be addressed through traditional risk channels, such as credit risk, market risk, and operational risk. The Proposed Rule explains that reputation risk “diverts bank and agency resources from more salient risks”5 without adding to safety and soundness. Ultimately, the Agencies argue that “there is no clear evidence that interference in banks’ activities or relationships in the interest of protecting the banks’ reputations has protected banks from losses or improved banks’ performances.”6

Based on the Agencies’ view that the subjectivity of reputation risk and its inefficacy in identifying risks to safety and soundness, as well as the potential for regulatory overreach and abuse, the Agencies are proposing to make conforming amendments to existing FDIC and OCC regulations to eliminate references to reputation risk.

The Proposed Rule defines “reputation risk” to include the risk “that an action or activity, or combination of actions or activities, or lack of actions or activities, of an institution could negatively impact public perception of the institution for reasons unrelated to the current or future financial condition of the institution.”7 The definition focuses on concerns related to the public’s perception of the institution beyond other risks in the supervisory framework. The Proposed Rule’s definition is not intended to capture public perceptions about an institution’s current or former financial condition, as those perceptions might relate to risks other than reputation risk (e.g., it would not be considered reputation risk if public perceptions are that a bank has insufficient liquidity and so is susceptible to a bank run).

The Proposed Rule amends existing regulations to prohibit the Agencies from formally or informally criticizing or taking adverse action on the basis of reputation risk.8 The Proposed Rule also precludes the Agencies, on the basis of reputation risk, from requiring, instructing, or encouraging an institution or its employees:

  • To refrain from contracting with or to terminate or modify a contract with a third party, including an institution-affiliated party.
  • To refrain from doing business with or to terminate or modify a business relationship with a third party, including an institution-affiliated party.
  • To enter into a contract or business relationship with a third party.
  • To terminate a contract with, discontinue doing business with, or modify the terms under which it will do business with a person or entity on the basis of the person’s or entity’s political, social, cultural, or religious views or beliefs, constitutionally protected speech, or solely on the basis of the third party’s involvement in politically disfavored but lawful business activities perceived to present reputation risk.

The Proposed Rule purports not to affect requirements related to financial crime compliance, such as economic sanctions and anti-money laundering. However, it makes clear that examiners may not use the Bank Secrecy Act or anti-money laundering concerns as a pretext for supervising the reputation risk of an institution.

In addition, “adverse action” is defined broadly in the Proposed Rule to “include the provision of negative feedback, including feedback in a report of examination, a memorandum of understanding, verbal feedback, or an enforcement action.”9 Action is meant to include any action of any agency employee.

The Proposed Rule also clarifies that “doing business with” encompasses a wide range of relationships, including bank clients, third-party service providers, charitable services, and prospective business relationships.

Implications

The Proposed Rule is not intended to impose any requirements or obligations on supervised institutions. In particular, it is not meant to alter an institution’s ability to make business decisions related to its customers or third-party arrangements, including the ability to manage them effectively, consistent with safety and soundness and compliance with applicable laws.

The Proposed Rule also does not address other provisions of the Debanking Order, such as those that require the federal banking regulators to identify institutions that have engaged in politicized or unlawful debanking and take appropriate remedial action. To the extent they have not already done so, financial institutions should consider examining their policies and practices to identify actions that may result in politicized or unlawful debanking. Financial institutions should also review their risk governance frameworks, principal risk taxonomies, and reputation risk guidelines to ensure compliance with recent government updates and should monitor ongoing updates regarding the Proposed Rule. As with many compliance issues, self-identification and prompt remediation are likely to influence a regulator’s decision-making on potential penalties.

 

 

1 OCC and FDIC, Notice of Proposed Rulemaking regarding Prohibition on Use of Reputation Risk by Regulators (“NPR”), at 11 (October 7, 2025).

2 NPR at 5.

3 NPR at 5.

4 The Board of Governors of the Federal Reserve System did not join the Agencies in issuing the Proposed Rule but announced in June that reputational risk will no longer be a component of examination programs in its supervision of banks. The National Credit Union Administration recently announced a similar supervisory action.

5 NPR at 5.

6 NPR at 7.

7 NPR at 14.

8 The Agencies’ identity-theft prevention regulations refer to reputation risk, but those regulations can be changed only through an interagency rulemaking with other regulators. While the Agencies may undertake a joint rulemaking in the future, until then, they will exercise their enforcement discretion to assess compliance with the identity-theft prevention regulations without regard to reputation risk.

9 NPR at 12.

Auteurs

Compétences et Secteurs liés

Stay Up To Date With Our Insights

See how we use a multidisciplinary, integrated approach to meet our clients' needs.
Subscribe

Follow us

© 2025 Mayer Brown. All Rights Reserved

 

 

Mayer Brown is a global legal services provider comprising associated legal practices that are separate entities, including Mayer Brown LLP (Illinois, USA), Mayer Brown International LLP (England & Wales), Mayer Brown Hong Kong LLP (a Hong Kong limited liability partnership) and Tauil & Chequer Advogados (a Brazilian law partnership) (collectively, the “Mayer Brown Practices”). The Mayer Brown Practices are established in various jurisdictions and may be a legal person or a partnership. PK Wong & Nair LLC (“PKWN”) is the constituent Singapore law practice of our licensed joint law venture in Singapore, Mayer Brown PK Wong & Nair Pte. Ltd. More information about the individual Mayer Brown Practices and PKWN can be found in the Legal Notices section of our website.

“Mayer Brown” and the Mayer Brown logo are the trademarks of Mayer Brown.

Attorney Advertising. Prior results do not guarantee a similar outcome.